Palo Alto Networks Zero Trust Platform Featured in New NIST Guidance

Aug 06, 2024

Over 15 years since its initial conception, and more than three years since the U.S. federal government made it a fundamental tenet of its overall cybersecurity strategy, Zero Trust has only become a more important strategic framework for government and critical infrastructure alike.

The strategic emphasis on Zero Trust implementation in high-level U.S. government policies, like the Presidential Executive Order on Improving the Nation's Cybersecurity, made it clear that federal departments and private enterprises should consider Zero Trust architecture (ZTA) implementation. But the question of how to implement it has been less clear. To address that knowledge gap, the U.S. federal Zero Trust Strategy advised organizations to look toward an authoritative source of cybersecurity standards and best practices for guidance – the U.S. National Institute of Standards and Technology (NIST).

That's why, just over three years ago, Palo Alto Networks was honored to announce our initial selection to join NIST’s National Cybersecurity Center of Excellence’s Zero Trust Architecture (ZTA) lab. Following our selection, a team from Palo Alto Networks went to work, partnering with NIST and industry peers to build end-to-end Zero Trust architectures in NIST’s labs by leveraging a broad range of Palo Alto Networks technologies.

The result: NIST Special Publication 1800-53 on Implementing a Zero Trust Architecture, a high-level strategic blueprint for any organization looking to start or mature its own Zero Trust journey. NIST also published a more extensive web version of the Special Publication, including technical details about how to deploy and configure several Palo Alto Networks technologies to achieve Zero Trust outcomes. For easy reference, the table below highlights the key Palo Alto Networks references throughout the Special Publication.

The overall goal of Palo Alto Networks partnering with NIST was to demonstrate that it is possible to build interoperable, end-to-end Zero Trust architectures, reducing the operational integration challenges that so often prevent organizations from practically implementing Zero Trust. To address these barriers, we embraced a few fundamental principles that define our Zero Trust strategy:

Continuous Trust Verification

  • Challenge – Organizations need continuous trust verification and consistent policy enforcement across all locations, users and applications to implement effective Zero Trust.
  • Solution – The primary NIST lab build for Palo Alto Networks (Enterprise 1, Build 5) included natively integrated capabilities spanning network security, cloud-delivered services, cloud security and single-vendor SASE (SSE+SD-WAN), securing a wide range of Zero Trust use cases from on-premises to remote work.

Single Policy Enforcement — Any User, Any Application, Any Location

  • Challenge – Organizations are managing dozens of security vendors that often lack interoperability and make consistent security enforcement impossible.
  • Solution – We demonstrated the platformization approach of Palo Alto Networks by deploying our Strata Cloud Manager and Panorama solutions to provide a single management and operations plane for all security infrastructure.

Multi-Vendor Interoperability

  • Challenge – Organizations need the ability to effectively integrate their security platforms with third-party tools already deployed in their environments.
  • Solution – We demonstrated the wide range of technology integrations offered by Palo Alto Networks to make our three platforms even more powerful and simplify security for our customers. In the NIST lab, we technically demonstrated third-party integrations with key partners across the Zero Trust ecosystem, including AWS, Microsoft, Okta, Radiant Logic, SailPoint, Tenable, IBM’s QRadar and more.

Curious about the new NIST Special Publication on Zero Trust Architecture and how you can deploy and configure Palo Alto Networks technologies to achieve your own Zero Trust goals? Check out this quick reference guide for an overview of how Palo Alto Networks was featured:

NIST Special Publication 1800-53: Zero Trust Architecture
Quick Reference: Palo Alto Networks References

Project Overview

Describes how core Palo Alto Networks capabilities like User-ID, App-ID and Device-ID enable consistent Zero Trust policy enforcement across Next Generation Firewall (hardware-based, virtualized and containerized form factors), Prisma Access and Cortex XDR.

Architecture and Builds: ZTA Laboratory Physical Architecture

Describes how Palo Alto Networks Next Generation Firewall (PA-5250) was used to protect the internet access point for NIST’s entire ZTA lab, and how a single PA-5250 NGFW (split into virtual systems) was used to protect the network perimeter for each of the lab’s five simulated enterprises and branch offices.

Builds Architecture Details: Enterprise 1, Build 5

Covers Enterprise 1, Build 5, an end-to-end ZTA solution that features numerous Palo Alto Networks technologies:

  • Next Generation Firewall
  • Panorama 
  • GlobalProtect 
  • Strata Cloud Manager 
  • Prisma SASE (Prisma Access and Prisma SD-WAN) 
  • Cloud Identity Engine (Okta Integration) 
  • Cloud Delivered Security Services (Advanced Threat Protection, Advanced WildFire, Advanced URL Filtering, DNS Security, Enterprise DLP)

How-To Guide: Enterprise 1, Build 5

Provides detailed instructions for installing, configuring and integrating all of the Palo Alto Networks technologies (listed above) used to implement Enterprise 1, Build 5.

Functional Demonstration: Enterprise 1, Build 5

Describes how Palo Alto Networks technologies featured in Enterprise 1, Build 5 were tested and validated by NIST as technically meeting several defined Zero Trust use cases and scenarios.
